CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-44716
High

In Pipecat, from version 0.0.90 to before version 1.2.0, a path traversal vulnerability exists in the development runner. This allows an attacker to access files that the pipecat process has permissions for through a single unauthenticated HTTP request.

CVE-2026-41732
High

Vulnerability in JsonPulsarHeaderMapper in Spring for Apache Pulsar where type header matching against trusted packages used a prefix check, meaning trusting any package implicitly trusted all its subpackages. Additionally, an empty trusted-packages configuration fell back to trusting all packages instead of applying a safe default allow-list.

CVE-2026-41731
High

A vulnerability in Spring for Apache Kafka allows arbitrary JDK type deserialization via crafted message headers. JsonKafkaHeaderMapper and the deprecated DefaultKafkaHeaderMapper match trusted packages using a prefix check, enabling bypass of security restrictions.

CVE-2026-41729
High

Spring Data REST is vulnerable to SpEL expression injection through map-typed properties when processing JSON Patch requests. The map key is embedded directly into a SpEL expression without sanitization or validation.

CVE-2026-41728
High

A vulnerability in Spring Data REST's JSON Patch (application/json-patch+json) implementation fails to apply the write-access filter to intermediate path segments when resolving a multi-segment JSON Pointer. This allows an attacker to bypass access controls and modify resources they should not have write access to.

CVE-2026-41717
High

A SpEL injection vulnerability in Spring Data MongoDB occurs during parameter binding in @Query annotated repository methods using a capture-all placeholder. Attackers can inject malicious SpEL expressions, potentially leading to remote code execution or data compromise.

CVE-2026-41716
High

Spring Data's internal property-lookup cache accepts and permanently retains attacker-supplied strings as cache keys, allowing heap exhaustion through repeated requests.

CVE-2026-41695
High

Spring Data Commons applications may be vulnerable to denial of service through resource exhaustion when attacker-controlled property path strings are passed to MappingContext property path resolution.

CVE-2026-41003
High

An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters.

CVE-2026-40993
High

A vulnerability in Spring Security allows an attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository (saml2_asserting_party_metadata) to store malicious serialized payloads in the columns containing the collection of verification or encryption credentials (verification_credentials and encryption_credentials, respectively).

CVE-2026-40988
High

An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a denial of service by way of an unbounded writer that inflates the compressed SAML payload into memory.

CVE-2026-9753
High

The $_internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document diff containing a malformed binary diff, potentially leading to memory out-of-bounds or crashing the server.

CVE-2026-9742
High

When OIDC authentication is enabled, clients may set specific values in the 'mechanism' parameter of the 'authenticate' command that lead to server crash. The 'authenticate' command is accessible to unauthenticated clients, resulting in pre-auth denial-of-service in affected product configurations.

CVE-2026-9740
High

A vulnerability in MongoDB Server's BSON validation logic allows an unauthenticated user to crash the mongod process by sending a specially crafted message. The BSON validator's handling of certain nested binary data structures permits uncontrolled mutual recursion between validation functions.

CVE-2026-46374
High

SQLFluff is a modular SQL linter and auto-formatter that prior to version 4.2.0 had a vulnerability allowing untrusted users to submit malicious long SQL queries. This could lead to a Denial of Service attack through resource exhaustion.

CVE-2026-46373
High

SQLFluff is a modular SQL linter and auto-formatter that prior to version 4.1.0 had a vulnerability allowing untrusted users to submit malicious SQL queries. Such queries could lead to Denial of Service through resource exhaustion.

CVE-2026-34713
High

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Uncontrolled Resource Consumption vulnerability. An attacker could exploit this vulnerability to exhaust system resources, resulting in an application denial-of-service condition.

CVE-2026-34712
High

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Improper Input Validation vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition.

CVE-2026-34711
High

CAI Content Credentials versions [email protected], c2pa-v0.80.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition.

CVE-2026-48292
High

Format Plugins versions 1.1.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

PreviousPage 160 of 3362Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS